InfoSec News Nuggets 3/26/2024

Microsoft to shut down 50 cloud services for Russian businesses Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December. The suspension was initially scheduled for March 20, 2024, but it was moved to the end of the month to give impacted entities more time to set up alternative solutions. The news…
Read More

InfoSec News Nuggets 3/5/2024

Ransomware ban backers insist thugs must be cut off from payday Global law enforcement authorities' attempts to shutter the LockBit ransomware crew have sparked a fresh call for a ban on ransomware payments to perpetrators. Ciaran Martin, founding CEO of the UK's National Cyber Security Center (NCSC), reiterated his stance on the matter a week after LockBit started to get back on its feet again following the efforts of Operation Cronos to bring its servers…
Read More

InfoSec News Nuggets 11/24/2023

PSA: Watch out for these fake Safari and Chrome updates infecting Macs with AMOS  A powerful new malware launched in early 2023 called Atomic macOS Stealer (AMOS) targets Apple users and has become a growing threat. Now, with the latest iteration of the malware, malicious parties are planting AMOS inside fake Safari and Chrome browser updates for Mac. We’ll cover how it works and how to avoid this threat. As a refresher, AMOS is a powerful piece of…
Read More

InfoSec News Nuggets 11/14/2023

Hikers rescued after following non-existent trail on Google Maps  A search-and-rescue group in British Columbia advised hikers to use a paper map and compass instead of street map programs after it said two hikers had been rescued by helicopter after likely following a trail that did not exist, but that appeared on Google Maps. The group, North Shore Rescue, said on Facebook that on November 6 Google Maps had removed the non-existent trail, in a very steep area…
Read More

InfoSec News Nuggets 07/25/2023

Novel Open Source Supply Chain Attacks Target Banking Sector  Application security provider Checkmarx has identified what it described as the first open source software supply chain attacks targeting the banking sector. In a recent report, Checkmarx researchers analyzed two distinct, sophisticated supply chain attacks relying on open source toolsets. Both attacks’ targets were banks. The first attack started in February 2023, when a threat actor uploaded a package to NPM, the world’s largest software registry. This package contained a payload designed to latch…
Read More

InfoSec News Nuggets 12/09/2022

Metropolitan Opera dealing with cyberattack that shut down website, box office The Metropolitan Opera confirmed that it is dealing with a crippling cyberattack that has shut down their website and box office. The New York-based opera house said on Wednesday evening that the cyberattack impacted their network systems, including their “website, box office, and call center.” While all performances will continue as scheduled, the organization is unable to process new ticket orders or provide exchanges…
Read More